df15d65ee29b8cb7ec8ede2a41b85f77cf1d35c8b0bf62aaaa67a74329f81f91[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

df15d65ee29b8cb7ec8ede2a41b85f77cf1d35c8b0bf62aaaa67a74329f81f91.dll
Size

411KB
MD5

bbef7a54ceea26127c9c8e1c22a1d78c
SHA1

ac4995b3e033a76630ea04fff2a00b2c0ad610f0
SHA256

df15d65ee29b8cb7ec8ede2a41b85f77cf1d35c8b0bf62aaaa67a74329f81f91
SHA512

7e5e7ec9c3c519b03f6c6003b622f3c3b9a0873997cea0b03e38913a3971c7cb578879efa5fc66afd33d2957a359f1b12fefa5f00ac3f45ff8d2c06f3a4e31ea
SSDEEP

6144:KtL2zY1O3P3Q4qJzXLCQSN6j7CmBnmErY+32+Ny/ITLkPzQVrPoRPFK/AOfwPN:KtLQfQ4CiDN6PCmBnmq2+Ny3zYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df15d65ee29b8cb7ec8ede2a41b85f77cf1d35c8b0bf62aaaa67a74329f81f91.dll

Files

df15d65ee29b8cb7ec8ede2a41b85f77cf1d35c8b0bf62aaaa67a74329f81f91.dll
.dll windows:6 windows x86 arch:x86

08fa762037ac798c0d1b9aaf798534ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

steam_api

SteamInternal_CreateInterface
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallback
SteamGameServer_GetHSteamUser
SteamAPI_RegisterCallback
SteamGameServer_GetHSteamPipe

tier0

ReleaseThreadHandle
CreateSimpleThread
CommandLine_Tier0
?DevWarning@@YAXPBDZZ
Error
ThreadWaitForObjects
g_pMemAlloc
DevMsg
GetCPUInformation
GetSpewOutputFunc
SpewOutputFunc
Warning
Msg
GetThreadedLoadLibraryFunc
?DevMsg@@YAXPBDZZ
Plat_IsInDebugSession

vstdlib

RandomInt
KeyValuesSystem
RandomSeed

kernel32

SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
VirtualQuery
GetModuleFileNameA
FreeLibrary
GetCurrentProcess
VirtualProtect
GetProcAddress
LoadLibraryA
LoadLibraryExA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
GetTimeFormatW
GetDateFormatW
GetCurrentThreadId
HeapReAlloc
GetTimeZoneInformation
MoveFileExW
DeleteFileW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetStringTypeW
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
GetDriveTypeW
GetFullPathNameW
SetEnvironmentVariableW
GetCurrentDirectoryW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW

Exports

Exports

CreateInterface
cvar

Sections

.text
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08fa762037ac798c0d1b9aaf798534ee

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

tier0

vstdlib

kernel32

Exports

Exports

Sections

.text Size: 293KB - Virtual size: 293KB

code Size: 8KB - Virtual size: 7KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 7KB - Virtual size: 64KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 293KB - Virtual size: 293KB

code
Size: 8KB - Virtual size: 7KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 7KB - Virtual size: 64KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 16KB - Virtual size: 15KB